Routers HNAP Service Stack‑Based Buffer Overflow Vulnerability

10 novembre, 2016

Overview

The security research firm, dbappsecurity, notified D-Link of a theoretical buffer overflow vulnerability which was discovered using an emulator software. D-Link immediately began work on verifying the existence of the issue, yet was unable to replicate it on the physical product. Regardless, to eliminate the potential risk, we have released firmware patches to related product that were sent to dbappsecurity for validation. These firmware patches also resolve the recently published CERT record reported by Pedro Ribeiro.